On Jan 8, 2007, at 4:11 PM, Luis Torres wrote:
Hi,
After going through the installation guide found here *http://
www.snort.org/docs/setup_guides/Snort_Base_Minimal.pdf* I see my
logfiles as well as the alert one created, I see minimal info on
BASE but I keep seeing this message: Added 0 alert(s) to the alert
cache
That makes me think something didn't go well. I've looked around
for a solution to this but no luck yet.
Sorry for the delay in answering, I have been swamped getting
everything done so I could attend SANS Bootcamp here in Orlando
(anyone else for a BoF?)..... The message "Added 0 alerts to the
alert cache" just means that since the last time you refreshed the
page, no new alerts have happened. What happens with the alert cache
is that as the page is loaded, BASE will cache the alerts into the
various DB tables.
So basically your system is working correctly, unless Snort is not
seeing things it should?
Hope that helps,
Kevin
Kevin Johnson GCIA, GCIH, CISSP, CEH
Principal Consultant
Secure Ideas
http://www.secureideas.net
PGP.sig
Description: This is a digitally signed message part
-------------------------------------------------------------------------
Take Surveys. Earn Cash. Influence the Future of IT
Join SourceForge.net's Techsay panel and you'll get the chance to share your
opinions on IT & business topics through brief surveys - and earn cash
http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV
_______________________________________________
Snort-users mailing list
Snort-users@lists.sourceforge.net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users
